mirror of
https://github.com/e107inc/e107.git
synced 2025-08-03 13:17:24 +02:00
Usersettings.php rewrite.
This commit is contained in:
584
usersettings.php
584
usersettings.php
@@ -48,21 +48,31 @@ if ((!ADMIN || !getperms("4")) && e_QUERY && e_QUERY != "update" )
|
||||
include_lan(e_LANGUAGEDIR.e_LANGUAGE.'/lan_user.php'); // Generic user-related language defines
|
||||
include_lan(e_LANGUAGEDIR.e_LANGUAGE.'/lan_usersettings.php');
|
||||
|
||||
|
||||
$ue = e107::getUserExt(); // needed by shortcodes for now.
|
||||
|
||||
require_once (e_HANDLER.'ren_help.php');
|
||||
require_once (e_HANDLER.'user_extended_class.php');
|
||||
// require_once (e_HANDLER.'user_handler.php');
|
||||
require_once(e_HANDLER.'validator_class.php');
|
||||
$ue = new e107_user_extended;
|
||||
|
||||
$userMethods = e107::getUserSession();
|
||||
|
||||
require_once (e_HANDLER.'ren_help.php');
|
||||
|
||||
|
||||
if(deftrue('BOOTSTRAP')===3)
|
||||
|
||||
|
||||
|
||||
class usersettings_front // Begin Usersettings rewrite.
|
||||
{
|
||||
|
||||
private $template = array();
|
||||
private $sc = null;
|
||||
|
||||
|
||||
/**
|
||||
* usersettings_front constructor.
|
||||
*/
|
||||
function __construct()
|
||||
{
|
||||
|
||||
if(deftrue('BOOTSTRAP')===3)
|
||||
{
|
||||
$template = e107::getCoreTemplate('usersettings','', true, true); // always merge
|
||||
|
||||
$USERSETTINGS_MESSAGE = "{MESSAGE}";
|
||||
@@ -72,69 +82,97 @@ if(deftrue('BOOTSTRAP')===3)
|
||||
$usersettings_shortcodes = e107::getScBatch('usersettings');
|
||||
|
||||
$usersettings_shortcodes->wrapper('usersettings/edit');
|
||||
}
|
||||
else
|
||||
{
|
||||
}
|
||||
else
|
||||
{
|
||||
global $sc_style;
|
||||
include_once (e107::coreTemplatePath('usersettings')); //correct way to load a core template.
|
||||
e107::scStyle($sc_style);
|
||||
$usersettings_shortcodes = e107::getScBatch('usersettings');
|
||||
}
|
||||
}
|
||||
|
||||
$this->sc = $usersettings_shortcodes;
|
||||
$this->template = array(
|
||||
'message' => $USERSETTINGS_MESSAGE,
|
||||
'message_caption' => $USERSETTINGS_MESSAGE_CAPTION,
|
||||
'edit_caption' => $USERSETTINGS_EDIT_CAPTION,
|
||||
'edit' => $USERSETTINGS_EDIT,
|
||||
|
||||
);
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
e107::js('footer-inline',"
|
||||
e107::js('footer-inline',"
|
||||
function addtext_us(sc)
|
||||
{
|
||||
document.getElementById('dataform').image.value = sc;
|
||||
}
|
||||
");
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* @param $id
|
||||
* @return mixed
|
||||
*/
|
||||
private function getTemplate($id)
|
||||
{
|
||||
return $this->template[$id];
|
||||
}
|
||||
|
||||
/**
|
||||
* @return bool
|
||||
*/
|
||||
public function init()
|
||||
{
|
||||
$pref = e107::getPref();
|
||||
$tp = e107::getParser();
|
||||
$ue = e107::getUserExt();
|
||||
$mes = e107::getMessage();
|
||||
$sql = e107::getDb();
|
||||
$ns = e107::getRender();
|
||||
$userMethods = e107::getUserSession();
|
||||
|
||||
$photo_to_delete = '';
|
||||
$avatar_to_delete = '';
|
||||
$ue_fields = '';
|
||||
$promptPassword = false;
|
||||
$error = FALSE;
|
||||
$extraErrors = array();
|
||||
$eufVals = array();
|
||||
$savePassword = '';
|
||||
$photo_to_delete = '';
|
||||
$avatar_to_delete = '';
|
||||
$ue_fields = '';
|
||||
$promptPassword = false;
|
||||
$error = FALSE;
|
||||
$extraErrors = array();
|
||||
$eufVals = array();
|
||||
$savePassword = '';
|
||||
|
||||
$inp = USERID; // Initially assume that user is modifying their own data.
|
||||
$_uid = false; // FALSE if user modifying their own data; otherwise ID of data being modified
|
||||
$adminEdit = false; // @deprecated // FALSE if editing own data. TRUE if admin edit
|
||||
|
||||
$inp = USERID; // Initially assume that user is modifying their own data.
|
||||
$_uid = false; // FALSE if user modifying their own data; otherwise ID of data being modified
|
||||
$adminEdit = FALSE; // FALSE if editing own data. TRUE if admin edit
|
||||
|
||||
if(is_numeric(e_QUERY))
|
||||
{ // Trying to edit specific user record
|
||||
if(is_numeric(e_QUERY))
|
||||
{ // Trying to edit specific user record
|
||||
if (ADMIN)
|
||||
{ // Admin edit of specific record
|
||||
/*
|
||||
$_usersettings_matches = Array
|
||||
(
|
||||
/*
|
||||
$_usersettings_matches = Array
|
||||
(
|
||||
[0] => /e107/usersettings.php?# OR /e107/edit/user/#
|
||||
[1] => e107
|
||||
[2] => usersettings.php OR edit/user
|
||||
[3] => ? OR /
|
||||
[4] => #
|
||||
)
|
||||
*/
|
||||
$inp = intval(e_QUERY);
|
||||
)
|
||||
*/
|
||||
$inp = intval(e_QUERY);
|
||||
|
||||
$usersettings_form_action = strstr('?', $_usersettings_matches[3]) ? e_SELF.'?'.e_QUERY : e_SELF;
|
||||
// $usersettings_form_action = strstr('?', $_usersettings_matches[3]) ? e_SELF.'?'.e_QUERY : e_SELF;
|
||||
|
||||
$_uid = $inp;
|
||||
$info = e107::user($inp);
|
||||
$_uid = $inp;
|
||||
$info = e107::user($inp);
|
||||
//Only site admin is able to change setting for other admins
|
||||
if(!is_array($info) || ($info['user_admin'] == 1 && (!defined('ADMINPERMS') || ADMINPERMS !== '0')) || ((!defined('ADMINPERMS') || ADMINPERMS !== '0') && !getperms('4')))
|
||||
{
|
||||
if(!is_array($info) || ($info['user_admin'] == 1 && (!defined('ADMINPERMS') || ADMINPERMS !== '0')) || ((!defined('ADMINPERMS') || ADMINPERMS !== '0') && !getperms('4')))
|
||||
{
|
||||
e107::redirect();
|
||||
exit();
|
||||
}
|
||||
}
|
||||
$adminEdit = TRUE; // Flag to indicate admin edit
|
||||
}
|
||||
else
|
||||
@@ -144,28 +182,24 @@ if(!is_array($info) || ($info['user_admin'] == 1 && (!defined('ADMINPERMS') || A
|
||||
exit();
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
require_once (HEADERF);
|
||||
// Save user settings (changes only)
|
||||
//-----------------------------------
|
||||
|
||||
|
||||
|
||||
// Save user settings (changes only)
|
||||
//-----------------------------------
|
||||
|
||||
if (isset($_POST['updatesettings']) || isset($_POST['SaveValidatedInfo']))
|
||||
{
|
||||
// $udata = e107::user($inp); //@deprecated // Get all the existing user data, including any extended fields
|
||||
if (isset($_POST['updatesettings']) || isset($_POST['SaveValidatedInfo']))
|
||||
{
|
||||
// $udata = e107::user($inp); //@deprecated // Get all the existing user data, including any extended fields
|
||||
|
||||
$udata = e107::user($inp); // Get all the existing user data, including any extended fields
|
||||
$udata['user_classlist'] = $userMethods->addCommonClasses($udata, FALSE);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
if (isset($_POST['updatesettings']))
|
||||
{
|
||||
if (isset($_POST['updatesettings']))
|
||||
{
|
||||
if (!vartrue($pref['auth_method']))
|
||||
{
|
||||
$pref['auth_method'] = 'e107';
|
||||
@@ -178,12 +212,13 @@ if (isset($_POST['updatesettings']))
|
||||
}
|
||||
|
||||
// Uploaded avatar and/or photo
|
||||
if (varset($file_userfile['error']) != 4)
|
||||
if (varset($_FILES['file_userfile']['error']) != UPLOAD_ERR_NO_FILE)
|
||||
{
|
||||
require_once (e_HANDLER.'upload_handler.php');
|
||||
require_once (e_HANDLER.'resize_handler.php');
|
||||
|
||||
if ($uploaded = process_uploaded_files(e_AVATAR_UPLOAD, 'prefix+ap_'.$tp->leadingZeros($udata['user_id'],7).'_', array('overwrite' => TRUE, 'file_mask'=>'jpg,png,gif,jpeg', 'max_file_count' => 2)))
|
||||
$opts = array('overwrite' => TRUE, 'file_mask'=>'jpg,png,gif,jpeg', 'max_file_count' => 2);
|
||||
|
||||
if ($uploaded = e107::getFile()->getUploaded(e_AVATAR_UPLOAD, 'prefix+ap_'.$tp->leadingZeros($udata['user_id'],7).'_', $opts))
|
||||
{
|
||||
foreach ($uploaded as $upload)
|
||||
{
|
||||
@@ -237,10 +272,10 @@ if (isset($_POST['updatesettings']))
|
||||
$changedUserData = validatorClass::findChanges($allData['data'], $udata,FALSE);
|
||||
|
||||
|
||||
e107::getMessage()->addDebug("<h5>Existing User Info</h5>".print_a($udata,true));
|
||||
e107::getMessage()->addDebug('<h5>$allData</h5>'.print_a($allData['data'],true));
|
||||
e107::getMessage()->addDebug("<h5>Existing User Info</h5>".print_a($udata,true));
|
||||
e107::getMessage()->addDebug('<h5>$allData</h5>'.print_a($allData['data'],true));
|
||||
|
||||
e107::getMessage()->addDebug("<h5>Posted Changes</h5>".print_a($changedUserData,true));
|
||||
e107::getMessage()->addDebug("<h5>Posted Changes</h5>".print_a($changedUserData,true));
|
||||
|
||||
// Login Name checks - only admin can change login name
|
||||
if (isset($changedUserData['user_loginname']))
|
||||
@@ -308,7 +343,7 @@ e107::getMessage()->addDebug("<h5>Posted Changes</h5>".print_a($changedUserData,
|
||||
{
|
||||
if (US_DEBUG)
|
||||
{
|
||||
$admin_log->e_log_event(10, debug_backtrace(), "DEBUG", "Usersettings test", "Write back classes; old list: {$udata['user_class']}; new list: ".$nid, false, LOG_TO_ROLLING);
|
||||
e107::getLog()->e_log_event(10, debug_backtrace(), "DEBUG", "Usersettings test", "Write back classes; old list: {$udata['user_class']}; new list: ".$nid, false, LOG_TO_ROLLING);
|
||||
}
|
||||
$changedUserData['user_class'] = $nid;
|
||||
}
|
||||
@@ -345,50 +380,54 @@ e107::getMessage()->addDebug("<h5>Posted Changes</h5>".print_a($changedUserData,
|
||||
$error = true;
|
||||
}
|
||||
}
|
||||
} // End - update setttings
|
||||
elseif (isset($_POST['SaveValidatedInfo'])) // Next bit only valid if user editing their own data
|
||||
{
|
||||
if (!$adminEdit && !empty($_POST['updated_data']) && !empty($_POST['currentpassword']) && !empty($_POST['updated_key']))
|
||||
{ // Got some data confirmed with password entry
|
||||
} // End - update setttings
|
||||
elseif(isset($_POST['SaveValidatedInfo'])) // Next bit only valid if user editing their own data
|
||||
{
|
||||
/* if(!empty($_POST['updated_data']) && !empty($_POST['currentpassword']) && !empty($_POST['updated_key']))
|
||||
{ // Got some data confirmed with password entry*/
|
||||
$new_data = base64_decode($_POST['updated_data']);
|
||||
|
||||
|
||||
// Should only happen if someone's fooling around
|
||||
if (md5($new_data) != $_POST['updated_key'] || ($userMethods->hasReadonlyField($new_data) !==false))
|
||||
if ($this->getValidationKey($new_data) !== $_POST['updated_key'] || ($userMethods->hasReadonlyField($new_data) !==false))
|
||||
{
|
||||
echo LAN_USET_42.'<br />';
|
||||
exit();
|
||||
return false;
|
||||
}
|
||||
|
||||
if (isset($_POST['updated_extended']))
|
||||
{
|
||||
$new_extended = base64_decode($_POST['updated_extended']);
|
||||
if (md5($new_extended) != $_POST['extended_key'])
|
||||
|
||||
if ($this->getValidationKey($new_extended) !== $_POST['extended_key'])
|
||||
{ // Should only happen if someone's fooling around
|
||||
echo LAN_USET_42.'<br />';
|
||||
exit();
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
if ($userMethods->CheckPassword($_POST['currentpassword'], $udata['user_loginname'], $udata['user_password']) === false) // Use old data to validate
|
||||
|
||||
{ // Invalid password
|
||||
echo "<br />".LAN_INCORRECT_PASSWORD."<br />";
|
||||
if(!$adminEdit)
|
||||
{
|
||||
require_once (FOOTERF);
|
||||
|
||||
$mes->addError("<p>".LAN_INCORRECT_PASSWORD."</p>");
|
||||
$mes->addError("<a class='btn btn-danger' href='".e107::getUrl()->create('user/myprofile/edit')."'>".LAN_BACK."</a>");
|
||||
|
||||
echo $mes->render();
|
||||
return false;
|
||||
}
|
||||
else
|
||||
{
|
||||
require_once(e_ADMIN."footer.php");
|
||||
}
|
||||
exit();
|
||||
}
|
||||
$changedUserData = unserialize($new_data);
|
||||
|
||||
|
||||
$changedUserData = e107::unserialize($new_data);
|
||||
|
||||
$savePassword = $_POST['currentpassword'];
|
||||
if (!empty($new_extended)) $changedEUFData = unserialize($new_extended);
|
||||
|
||||
if(!empty($new_extended))
|
||||
{
|
||||
$changedEUFData = e107::unserialize($new_extended);
|
||||
}
|
||||
|
||||
unset($new_data);
|
||||
unset($new_extended);
|
||||
|
||||
if (isset($changedUserData['user_sess']))
|
||||
{
|
||||
$photo_to_delete = $udata['user_sess'];
|
||||
@@ -397,20 +436,20 @@ elseif (isset($_POST['SaveValidatedInfo'])) // Next bit only valid if user editi
|
||||
{
|
||||
$avatar_to_delete = $udata['user_image'];
|
||||
}
|
||||
// }
|
||||
}
|
||||
}
|
||||
unset($_POST['updatesettings']);
|
||||
unset($_POST['SaveValidatedInfo']);
|
||||
unset($_POST['updatesettings']);
|
||||
unset($_POST['SaveValidatedInfo']);
|
||||
|
||||
|
||||
// At this point we know the error status.
|
||||
// $changedUserData has an array of core changed data, except password, which is in $savePassword if changed (or entered as confirmation).
|
||||
// $eufData has extended user field data
|
||||
// $changedEUFData has any changes in extended user field data
|
||||
$dataToSave = !$error && (isset($changedUserData) && count($changedUserData)) || (isset($changedEUFData['data']) && count($changedEUFData['data'])) || $savePassword;
|
||||
// At this point we know the error status.
|
||||
// $changedUserData has an array of core changed data, except password, which is in $savePassword if changed (or entered as confirmation).
|
||||
// $eufData has extended user field data
|
||||
// $changedEUFData has any changes in extended user field data
|
||||
$dataToSave = !$error && (isset($changedUserData) && count($changedUserData)) || (isset($changedEUFData['data']) && count($changedEUFData['data'])) || $savePassword;
|
||||
|
||||
if ($dataToSave)
|
||||
{
|
||||
if ($dataToSave)
|
||||
{
|
||||
// Sort out password hashes
|
||||
if ($savePassword)
|
||||
{
|
||||
@@ -419,9 +458,9 @@ if ($dataToSave)
|
||||
$changedUserData['user_password'] = $sql->escape($userMethods->HashPassword($savePassword, $loginname), false);
|
||||
if (varset($pref['allowEmailLogin'], FALSE))
|
||||
{
|
||||
$user_prefs = e107::getArrayStorage()->unserialize($udata['user_prefs']);
|
||||
$user_prefs = e107::unserialize($udata['user_prefs']);
|
||||
$user_prefs['email_password'] = $userMethods->HashPassword($savePassword, $email);
|
||||
$changedUserData['user_prefs'] = e107::getArrayStorage()->serialize($user_prefs);
|
||||
$changedUserData['user_prefs'] = e107::serialize($user_prefs);
|
||||
}
|
||||
}
|
||||
else
|
||||
@@ -439,15 +478,15 @@ if ($dataToSave)
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if ($dataToSave && !$promptPassword)
|
||||
{
|
||||
if ($dataToSave && !$promptPassword)
|
||||
{
|
||||
$inp = intval($inp);
|
||||
|
||||
|
||||
// We can update the basic user record now - can just update fields from $changedUserData
|
||||
if (US_DEBUG) { $admin_log->e_log_event(10, debug_backtrace(), "DEBUG", "Usersettings test", "Changed data:<br /> ".var_export($changedUserData, true), false, LOG_TO_ROLLING); }
|
||||
if (US_DEBUG) { e107::getLog()->e_log_event(10, debug_backtrace(), "DEBUG", "Usersettings test", "Changed data:<br /> ".var_export($changedUserData, true), false, LOG_TO_ROLLING); }
|
||||
if (isset($changedUserData) && count($changedUserData))
|
||||
{
|
||||
$changedData['data'] = $changedUserData;
|
||||
@@ -487,6 +526,7 @@ if ($dataToSave && !$promptPassword)
|
||||
{
|
||||
$message .= '<br />Error updating EUF';
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
// Now see if we need to log anything. First check the options and class membership
|
||||
@@ -562,12 +602,12 @@ if ($dataToSave && !$promptPassword)
|
||||
$log_action = USER_AUDIT_ADMIN; // If an admin did the mod, different heading
|
||||
// Embed a message saying who changed the data
|
||||
$changedUserData['message'] = str_replace(array('--ID--', '--LOGNAME--'), array(USERID, USERNAME), LAN_USET_18);
|
||||
$admin_log->user_audit($log_action, $do_log, $udata['user_id'], $udata['user_loginname']);
|
||||
e107::getLog()->user_audit($log_action, $do_log, $udata['user_id'], $udata['user_loginname']);
|
||||
}
|
||||
else
|
||||
{
|
||||
if (count($do_log) > 1) { $log_action = USER_AUDIT_NEW_SET; } // Log multiple entries to one record
|
||||
$admin_log->user_audit($log_action, $do_log);
|
||||
e107::getLog()->user_audit($log_action, $do_log);
|
||||
}
|
||||
}
|
||||
} // End of audit logging
|
||||
@@ -576,11 +616,11 @@ if ($dataToSave && !$promptPassword)
|
||||
// Now tidy up
|
||||
if ($photo_to_delete)
|
||||
{ // Photo may be a flat file, or in the database
|
||||
delete_file($photo_to_delete);
|
||||
$this->deleteFile($photo_to_delete);
|
||||
}
|
||||
if ($avatar_to_delete)
|
||||
{ // Avatar may be a flat file, or in the database
|
||||
delete_file($avatar_to_delete);
|
||||
$this->deleteFile($avatar_to_delete);
|
||||
}
|
||||
|
||||
// If user has changed display name, update the record in the online table
|
||||
@@ -609,6 +649,9 @@ if ($dataToSave && !$promptPassword)
|
||||
}
|
||||
|
||||
|
||||
$USERSETTINGS_MESSAGE =$this->getTemplate('message');
|
||||
$USERSETTINGS_MESSAGE_CAPTION = $this->getTemplate('message_caption');
|
||||
|
||||
if(isset($USERSETTINGS_MESSAGE))
|
||||
{
|
||||
$message = str_replace("{MESSAGE}",$message,$USERSETTINGS_MESSAGE);
|
||||
@@ -621,11 +664,11 @@ if ($dataToSave && !$promptPassword)
|
||||
|
||||
$caption = (isset($USERSETTINGS_MESSAGE_CAPTION)) ? $USERSETTINGS_MESSAGE_CAPTION : LAN_OK;
|
||||
|
||||
} // End - if (!$error)...
|
||||
} // End - if (!$error)...
|
||||
|
||||
|
||||
if (!$error && !$promptPassword)
|
||||
{
|
||||
if (!$error && !$promptPassword)
|
||||
{
|
||||
if(isset($_POST) && vartrue($changedUserData['user_name']))
|
||||
{
|
||||
$redirect = e107::getRedirect();
|
||||
@@ -635,73 +678,124 @@ if (!$error && !$promptPassword)
|
||||
$redirect->redirect($to);
|
||||
}
|
||||
unset($_POST);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
if ($error)
|
||||
{
|
||||
// require_once (e_HANDLER.'message_handler.php');
|
||||
if ($promptPassword) // User has to enter password to validate data
|
||||
{
|
||||
$this->renderPasswordForm($changedUserData,$changedEUFData);
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
|
||||
if ($error)
|
||||
{
|
||||
$message = $this->compileErrors($extraErrors, $allData, $eufVals);
|
||||
|
||||
// if(!empty($message))
|
||||
{
|
||||
if(deftrue('BOOTSTRAP'))
|
||||
{
|
||||
echo e107::getMessage()->addError($message)->render();
|
||||
}
|
||||
else
|
||||
{
|
||||
$ns->tablerender($caption, $message);
|
||||
}
|
||||
}
|
||||
}
|
||||
else // --- User data has been updated here if appropriate ---
|
||||
{
|
||||
|
||||
$testSessionMessage = e107::getMessage()->get(E_MESSAGE_SUCCESS, 'default', true); // only success in the session
|
||||
|
||||
if($testSessionMessage) $message = implode('<br />', $testSessionMessage); // we got raw message - array
|
||||
|
||||
if(empty($message))
|
||||
{
|
||||
$message = LAN_USET_41; // probably only extended fields updated.
|
||||
}
|
||||
|
||||
if(deftrue('BOOTSTRAP'))
|
||||
{
|
||||
echo e107::getMessage()->addSuccess($message)->render();
|
||||
}
|
||||
else
|
||||
{
|
||||
$ns->tablerender($caption, $message);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
||||
|
||||
$this->renderForm($changedUserData);
|
||||
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* @param $extraErrors
|
||||
* @param $allData
|
||||
* @param $eufVals
|
||||
* @return string
|
||||
*/
|
||||
private function compileErrors($extraErrors, $allData, $eufVals)
|
||||
{
|
||||
$temp = array();
|
||||
$userMethods = e107::getUserSession();
|
||||
|
||||
if (count($extraErrors))
|
||||
{
|
||||
$temp[] = implode('<br />', $extraErrors);
|
||||
}
|
||||
|
||||
if (count($allData['errors']))
|
||||
{
|
||||
$temp[] = validatorClass::makeErrorList($allData,'USER_ERR_','%n - %x - %t: %v', '<br />', $userMethods->userVettingInfo);
|
||||
}
|
||||
|
||||
if (vartrue($eufVals['errors']))
|
||||
{
|
||||
$temp[] = '<br />'.validatorClass::makeErrorList($eufVals,'USER_ERR_','%n - %x - %t: %v', '<br />', NULL);
|
||||
}
|
||||
// message_handler('P_ALERT', implode('<br />', $temp));
|
||||
|
||||
$errorMsg = implode('<br />', $temp);
|
||||
return implode('<br />', $temp);
|
||||
|
||||
|
||||
if(deftrue('BOOTSTRAP'))
|
||||
{
|
||||
echo e107::getMessage()->addError($errorMsg)->render();
|
||||
}
|
||||
else
|
||||
{
|
||||
$ns->tablerender($caption, $message);
|
||||
}
|
||||
|
||||
|
||||
// $adref = $_POST['adminreturn'];
|
||||
}
|
||||
|
||||
|
||||
// --- User data has been updated here if appropriate ---
|
||||
$testSessionMessage = e107::getMessage()->get(E_MESSAGE_SUCCESS, 'default', true); // only success in the session
|
||||
if($testSessionMessage) $message = implode('<br />', $testSessionMessage); // we got raw message - array
|
||||
|
||||
if (isset($message))
|
||||
{
|
||||
if(deftrue('BOOTSTRAP'))
|
||||
/**
|
||||
* @param $string
|
||||
* @return string
|
||||
*/
|
||||
private function getValidationKey($string)
|
||||
{
|
||||
echo e107::getMessage()->addInfo($message)->render();
|
||||
return crypt($string, e_TOKEN);
|
||||
}
|
||||
else
|
||||
|
||||
|
||||
/**
|
||||
* @param $changedUserData
|
||||
* @param $changedEUFData
|
||||
*/
|
||||
private function renderPasswordForm($changedUserData, $changedEUFData )
|
||||
{
|
||||
$ns->tablerender($caption, $message);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
$uuid = ($_uid ? $_uid : USERID); // If $_uid is set, its an admin changing another user's data
|
||||
|
||||
|
||||
if ($promptPassword)
|
||||
{ // User has to enter password to validate data
|
||||
$updated_data = serialize($changedUserData);
|
||||
$validation_key = md5($updated_data);
|
||||
$ns = e107::getRender();
|
||||
$updated_data = e107::serialize($changedUserData,'json');
|
||||
$validation_key = $this->getValidationKey($updated_data);
|
||||
$updated_data = base64_encode($updated_data);
|
||||
$updated_extended = serialize($changedEUFData);
|
||||
$extended_key = md5($updated_extended);
|
||||
$updated_extended = e107::serialize($changedEUFData, 'json');
|
||||
$extended_key = $this->getValidationKey($updated_extended);
|
||||
$updated_extended = base64_encode($updated_extended);
|
||||
$text = "<form method='post' action='".e_SELF.(e_QUERY ? "?".e_QUERY : '')."'>
|
||||
<table><tr><td style='text-align:center'>";
|
||||
|
||||
$formTarget = e107::getUrl()->create('user/myprofile/edit');
|
||||
|
||||
$text = "<form method='post' action='".$formTarget."'>
|
||||
<table><tr><td>";
|
||||
|
||||
foreach ($_POST as $k => $v)
|
||||
{
|
||||
if (is_array($v))
|
||||
@@ -716,43 +810,56 @@ if ($promptPassword)
|
||||
$text .= "<input type='hidden' name='{$k}' value='{$v}' />\n";
|
||||
}
|
||||
}
|
||||
$text .= LAN_USET_21."</td></tr><tr><td> </td></tr>
|
||||
<tr><td style='text-align:center'><input type='password' name='currentpassword' value='' size='30' />";
|
||||
$text .= "<input type='hidden' name='updated_data' value='{$updated_data}' /><input type='hidden' name='updated_key' value='{$validation_key}' />
|
||||
<input type='hidden' name='updated_extended' value='{$updated_extended}' /><input type='hidden' name='extended_key' value='{$extended_key}' />
|
||||
|
||||
$text .= LAN_USET_21."</td></tr>
|
||||
<tr><td> </td></tr>
|
||||
<tr><td>
|
||||
|
||||
<input type='password' class='form-control' name='currentpassword' value='' size='30' />";
|
||||
|
||||
$text .= "
|
||||
<input type='hidden' name='updated_data' value='{$updated_data}' />
|
||||
<input type='hidden' name='updated_key' value='{$validation_key}' />
|
||||
<input type='hidden' name='updated_extended' value='{$updated_extended}' />
|
||||
<input type='hidden' name='extended_key' value='{$extended_key}' />
|
||||
</td></tr>
|
||||
<tr><td> </td></tr>
|
||||
<tr><td style='text-align:center'><input type='submit' name='SaveValidatedInfo' value='".LAN_ENTER."' /></td></tr>
|
||||
<tr><td style='text-align:center'>
|
||||
".e107::getForm()->button('SaveValidatedInfo',1, 'submit', LAN_ENTER)."
|
||||
</td></tr>
|
||||
</table>
|
||||
</form>";
|
||||
$ns->tablerender(LAN_USET_39, $text);
|
||||
if(!$adminEdit)
|
||||
{
|
||||
require_once (FOOTERF);
|
||||
}
|
||||
else
|
||||
{
|
||||
require_once(e_ADMIN."footer.php");
|
||||
}
|
||||
}
|
||||
</form>";
|
||||
|
||||
|
||||
//--------------------------------------------------------
|
||||
// Re-read the user data into curVal (ready for display)
|
||||
//--------------------------------------------------------
|
||||
|
||||
$qry = "
|
||||
SELECT u.*, ue.* FROM #user AS u
|
||||
LEFT JOIN #user_extended AS ue ON ue.user_extended_id = u.user_id
|
||||
WHERE u.user_id=".intval($uuid);
|
||||
|
||||
$sql->gen($qry);
|
||||
$curVal=$sql->fetch();
|
||||
$curVal['user_class'] = varset($changedUserData['user_class'], $curVal['user_class']);
|
||||
$curVal['userclass_list'] = $userMethods->addCommonClasses($curVal, FALSE);
|
||||
$ns->tablerender(LAN_USET_39, $text);
|
||||
|
||||
if (vartrue($_POST))
|
||||
{ // Fix for all the values being lost when there was an error in a field - restore from the latest $_POST values
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* @param $changedUserData
|
||||
*/
|
||||
private function renderForm($changedUserData)
|
||||
{
|
||||
$sql = e107::getDb();
|
||||
$ns = e107::getRender();
|
||||
$tp = e107::getParser();
|
||||
$userMethods = e107::getUserSession();
|
||||
$uuid = USERID;
|
||||
$qry = "
|
||||
SELECT u.*, ue.* FROM #user AS u
|
||||
LEFT JOIN #user_extended AS ue ON ue.user_extended_id = u.user_id
|
||||
WHERE u.user_id=".intval($uuid);
|
||||
|
||||
$sql->gen($qry); // Re-read the user data into curVal (ready for display)
|
||||
$curVal=$sql->fetch();
|
||||
$curVal['user_class'] = varset($changedUserData['user_class'], $curVal['user_class']);
|
||||
$curVal['userclass_list'] = $userMethods->addCommonClasses($curVal, FALSE);
|
||||
|
||||
if(!empty($_POST))
|
||||
{ // Fix for all the values being lost when there was an error in a field - restore from the latest $_POST values
|
||||
// (Password fields have intentionally been cleared). If no error, there's an unset($_POST) to disable this block
|
||||
foreach ($_POST as $key => $val)
|
||||
{
|
||||
@@ -762,64 +869,55 @@ if (vartrue($_POST))
|
||||
{
|
||||
$curVal[$key] = $tp->post_toForm($val);
|
||||
}
|
||||
}
|
||||
|
||||
//require_once (e_HANDLER."form_handler.php");
|
||||
//$rs = new form;
|
||||
|
||||
$text = '<form method="post" action="'.vartrue($usersettings_form_action,e_REQUEST_URI).'" id="dataform" class="form-horizontal" enctype="multipart/form-data" autocomplete="off">';
|
||||
|
||||
//$text = (is_numeric($_uid) ? $rs->form_open("post", e_SELF."?".e_QUERY, "dataform", "", " class='form-horizontal' role='form' enctype='multipart/form-data'") : $rs->form_open("post", e_SELF, "dataform", "", " class='form-horizontal' role='form' enctype='multipart/form-data'"));
|
||||
|
||||
if (e_QUERY == "update")
|
||||
{
|
||||
$text .= "<div class='fborder' style='text-align:center'><br />".str_replace("*", "<span class='required'>*</span>", LAN_USET_9)."<br />".LAN_USET_10."<br /><br /></div>";
|
||||
}
|
||||
|
||||
// e107::scStyle($sc_style);
|
||||
e107::getScBatch('usersettings')->setVars($curVal);
|
||||
|
||||
$text .= $tp->parseTemplate($USERSETTINGS_EDIT, true, $usersettings_shortcodes); //ParseSC must be set to true so that custom plugin -shortcodes can be utilized.
|
||||
|
||||
|
||||
$text .= "<div><input type='hidden' name='_uid' value='{$uuid}' /></div>
|
||||
</form>
|
||||
";
|
||||
|
||||
$caption = (isset($USERSETTINGS_EDIT_CAPTION)) ? $USERSETTINGS_EDIT_CAPTION : LAN_USET_39; // 'Update User Settings'
|
||||
|
||||
$ns->tablerender($caption, $text);
|
||||
|
||||
if(!$adminEdit)
|
||||
{
|
||||
require_once (FOOTERF);
|
||||
}
|
||||
else
|
||||
{
|
||||
require_once(e_ADMIN."footer.php");
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
// If a field is required, returns a red asterisk
|
||||
function req($field)
|
||||
{
|
||||
$ret = "";
|
||||
if ($field == 2)
|
||||
{
|
||||
$ret = "<span class='required'> *</span>";
|
||||
}
|
||||
return $ret;
|
||||
}
|
||||
|
||||
$text = '<form method="post" action="'.vartrue($usersettings_form_action,e_REQUEST_URI).'" id="dataform" class="form-horizontal" enctype="multipart/form-data" autocomplete="off">';
|
||||
|
||||
//$text = (is_numeric($_uid) ? $rs->form_open("post", e_SELF."?".e_QUERY, "dataform", "", " class='form-horizontal' role='form' enctype='multipart/form-data'") : $rs->form_open("post", e_SELF, "dataform", "", " class='form-horizontal' role='form' enctype='multipart/form-data'"));
|
||||
|
||||
if (e_QUERY == "update")
|
||||
{
|
||||
$text .= "<div class='fborder' style='text-align:center'><br />".str_replace("*", "<span class='required'>*</span>", LAN_USET_9)."<br />".LAN_USET_10."<br /><br /></div>";
|
||||
}
|
||||
|
||||
// e107::scStyle($sc_style);
|
||||
e107::getScBatch('usersettings')->setVars($curVal);
|
||||
|
||||
$USERSETTINGS_EDIT = $this->getTemplate('edit');
|
||||
$USERSETTINGS_EDIT_CAPTION = $this->getTemplate('edit_caption');
|
||||
|
||||
$text .= $tp->parseTemplate($USERSETTINGS_EDIT, true, $this->sc); //ParseSC must be set to true so that custom plugin -shortcodes can be utilized.
|
||||
|
||||
|
||||
// Delete a file from the public directories. Return TRUE on success, FALSE on failure.
|
||||
// Also deletes from database if appropriate.
|
||||
function delete_file($fname, $dir = 'avatars/')
|
||||
{
|
||||
return;
|
||||
$text .= "<div><input type='hidden' name='_uid' value='{$uuid}' /></div>
|
||||
</form>
|
||||
";
|
||||
|
||||
$caption = (isset($USERSETTINGS_EDIT_CAPTION)) ? $USERSETTINGS_EDIT_CAPTION : LAN_USET_39; // 'Update User Settings'
|
||||
|
||||
$ns->tablerender($caption, $text);
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
//
|
||||
/**'
|
||||
* todo review and remove method if deemed appropriate
|
||||
* Delete a file from the public directories. Return TRUE on success, FALSE on failure.
|
||||
* Also deletes from database if appropriate.
|
||||
* @param $fname
|
||||
*/
|
||||
private function deleteFile($fname)
|
||||
{
|
||||
/*
|
||||
$dir = 'avatars/';
|
||||
|
||||
$sql = e107::getDb();
|
||||
$tp = e107::getParser();
|
||||
|
||||
@@ -837,5 +935,27 @@ function delete_file($fname, $dir = 'avatars/')
|
||||
}
|
||||
return false;
|
||||
*/
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
$us = new usersettings_front;
|
||||
require_once (HEADERF);
|
||||
$us->init();
|
||||
require_once (FOOTERF);
|
||||
|
||||
|
||||
|
||||
// If a field is required, returns a red asterisk
|
||||
function req($field)
|
||||
{
|
||||
$ret = "";
|
||||
if ($field == 2)
|
||||
{
|
||||
$ret = "<span class='required'> *</span>";
|
||||
}
|
||||
return $ret;
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
Reference in New Issue
Block a user